9ine Consulting Blog
Whichever sector you operate in, new data protection law makes it a legal requirement that you assess the risks to your IT systems and services. Your journey to compliance should therefore start with a thorough assessment of your current IT and data ...
Data Protection Headache? Breach Nightmares? Manage Your GDPR Journey with 9ine's Compliance Toolkit
When it comes to data protection compliance, one of our most frequent requests is, “how can I keep track of the many projects related to the GDPR.” Managing the road to compliance is a headache for even the most organised Project Managers tasked ...
In May 2018, the Information Commissioner's Office (the UK data protection supervisory authority) published guidance on the completion of data protection impact assessments (DPIAs). The guidance is nothing new; it summarises the European Data ...
The recent revised and adopted guidelines on personal data breach notification under the GDPR have been published. These guidelines set out examples of what a personal data breach is and the actions expected of data controllers and processors. This ...
The GDPR principle of ‘accountability’ requires schools to demonstrate compliance with the regulation. Within this update we discuss what this means in practice. For more information on how we can support your school, see our DPO Essentials Service ...
The GDPR makes it a requirement for all public authorities (state funded schools) to have a designated Data Protection Officer (DPO). All other types of school must document and undertake an internal analysis to determine whether a DPO needs ...
After months of waiting, the GDPR is recognised into law across the EU. Within the UK this was through the Data Protection Act 2018 and in countries across the EU, through similar legislation. In countries outside the EU, the obligations of the GDPR ...
The Information Commissioner's Office (the UK data protection supervisory authority) last week published its Regulatory Action Policy. The policy has been created to provide direction and focus for those they regulate, specifically the action that ...
There is confusion in regard to the appoint of a Data Protection Officer (DPO), their responsibilities, the Data Controller's responsibility to the DPO, and also whether those obligations dissipate if a DPO isn't legally required. This article ...
In preparation for the GDPR, organisations need to take certain steps to demonstrate they are taking the regulation seriously. In supporting education organisations, we have taken the guidance from the UK Supervisory Authority* and adapted it for ...
